General

Malware Config

Signatures

Files

• 778ee9eed18d79a8344aeaa35726075c889bb391599977ee9787162465e23c4a

  .zip
• 使用方法.txt
• 免费登陆.jpg

  .jpg
• 开启成功.jpg

  .jpg
• 操作说明及其使用前注意事项.txt
• 疯狂神器2014-终极版.exe

  .exe windows x86

  1661faa1bb64ebf2340c98d70c024033

  
  

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  msvfw32

  DrawDibDraw

  avifil32

  AVIStreamGetFrame

  winmm

  midiStreamStop

  ws2_32

  listen

  version

  GetFileVersionInfoSizeA

  kernel32

  HeapReAlloc

  GetModuleFileNameW

  GetModuleHandleA

  LoadLibraryA

  LocalAlloc

  LocalFree

  GetModuleFileNameA

  ExitProcess

  user32

  CreatePopupMenu

  gdi32

  ExcludeClipRect

  winspool.drv

  OpenPrinterA

  comdlg32

  GetFileTitleA

  advapi32

  RegQueryValueA

  shell32

  Shell_NotifyIconA

  ole32

  OleRun

  oleaut32

  LHashValOfNameSys

  comctl32

  ord17

  Sections

  .text

  Size: - Virtual size: 679KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: - Virtual size: 13.8MB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: - Virtual size: 338KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .vmp0

  Size: - Virtual size: 4.7MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .vmp1

  Size: 16.8MB - Virtual size: 16.8MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 120KB - Virtual size: 120KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

• 购买地址.txt